diff options
| author | Vincent Batts <vbatts@hashbangbash.com> | 2017-01-23 18:33:31 +0000 |
|---|---|---|
| committer | David Spencer <idlemoor@slackbuilds.org> | 2017-01-24 00:21:55 +0000 |
| commit | f27ee67502e103c979c779a327e6b34b5bff4164 (patch) | |
| tree | 514b687c2a68f7c39c9c159af0b0c9c833fd4463 /desktop/flatpak/0bea92b.diff | |
| parent | f42700b6d61be01b02e54bc348e639ec946e68c4 (diff) | |
| download | slackbuilds-f27ee67502e103c979c779a327e6b34b5bff4164.tar.gz | |
desktop/flatpak: Added (sandboxing desktop applications).
Signed-off-by: David Spencer <idlemoor@slackbuilds.org>
Diffstat (limited to 'desktop/flatpak/0bea92b.diff')
| -rw-r--r-- | desktop/flatpak/0bea92b.diff | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/desktop/flatpak/0bea92b.diff b/desktop/flatpak/0bea92b.diff new file mode 100644 index 0000000000..05fd011cb2 --- /dev/null +++ b/desktop/flatpak/0bea92b.diff @@ -0,0 +1,67 @@ +commit 0bea92bd73c680b47482218c09f7987069d23ad8 +Author: Alexander Larsson <alexl@redhat.com> +Date: Mon Jan 23 18:24:21 2017 +0100 + + dbus-proxy: Make it work if XDG_RUNTIME_DIR not set + + The socket directory then ended up in $HOME which was read-only, so + we couldn't create the socket. We solve this by putting the sockets + in a subdirectory and always making this directory writable in the + proxy. + +diff --git a/common/flatpak-run.c b/common/flatpak-run.c +index 4fbb033..1774b0c 100644 +--- a/common/flatpak-run.c ++++ b/common/flatpak-run.c +@@ -2021,9 +2021,13 @@ flatpak_run_add_journal_args (GPtrArray *argv_array) + static char * + create_proxy_socket (char *template) + { +- g_autofree char *proxy_socket = g_build_filename (g_get_user_runtime_dir (), template, NULL); ++ g_autofree char *proxy_socket_dir = g_build_filename (g_get_user_runtime_dir (), ".dbus-proxy", NULL); ++ g_autofree char *proxy_socket = g_build_filename (proxy_socket_dir, template, NULL); + int fd; + ++ if (!glnx_shutil_mkdir_p_at (AT_FDCWD, proxy_socket_dir, 0755, NULL, NULL)) ++ return NULL; ++ + fd = g_mkstemp (proxy_socket); + if (fd == -1) + return NULL; +@@ -2061,7 +2065,7 @@ flatpak_run_add_system_dbus_args (FlatpakContext *context, + else if (dbus_proxy_argv && + g_hash_table_size (context->system_bus_policy) > 0) + { +- g_autofree char *proxy_socket = create_proxy_socket (".system-bus-proxy-XXXXXX"); ++ g_autofree char *proxy_socket = create_proxy_socket ("system-bus-proxy-XXXXXX"); + + if (proxy_socket == NULL) + return FALSE; +@@ -2112,7 +2116,7 @@ flatpak_run_add_session_dbus_args (GPtrArray *argv_array, + } + else if (dbus_proxy_argv && dbus_address != NULL) + { +- g_autofree char *proxy_socket = create_proxy_socket (".session-bus-proxy-XXXXXX"); ++ g_autofree char *proxy_socket = create_proxy_socket ("session-bus-proxy-XXXXXX"); + + if (proxy_socket == NULL) + return FALSE; +@@ -3393,6 +3397,7 @@ prepend_bwrap_argv_wrapper (GPtrArray *argv, + gsize bwrap_args_len; + glnx_fd_close int bwrap_args_fd = -1; + g_autofree char *bwrap_args_data = NULL; ++ g_autofree char *proxy_socket_dir = g_build_filename (g_get_user_runtime_dir (), ".dbus-proxy/", NULL); + + if (!glnx_dirfd_iterator_init_at (AT_FDCWD, "/", FALSE, &dir_iter, error)) + return FALSE; +@@ -3438,6 +3443,10 @@ prepend_bwrap_argv_wrapper (GPtrArray *argv, + } + } + ++ g_ptr_array_add (bwrap_args, g_strdup ("--bind")); ++ g_ptr_array_add (bwrap_args, g_strdup (proxy_socket_dir)); ++ g_ptr_array_add (bwrap_args, g_strdup (proxy_socket_dir)); ++ + g_ptr_array_add (bwrap_args, g_strdup ("--ro-bind-data")); + g_ptr_array_add (bwrap_args, g_strdup_printf ("%d", app_info_fd)); + g_ptr_array_add (bwrap_args, g_strdup ("/.flatpak-info")); |